alt Hacker NewsReally nice project – respect :) Finding that boot ROM mode by bridging GPIO lines is a great catch. Having a hardwired 'safety net' makes custom firmware projects much more viable. When you were testing the flasher, did you find the CXD2687's flash interface to be deterministic in its failure modes, or did you run into any race conditions/timing issues during the erase/write cycles?
Replies
superxpro12 • yesterday at 3:44 PM
how on earth did you discover this??? Did you reverse it from a dump?
Thanks! The main problem I had was conflicts with the 'patch' peripheral during the erase/write. This peripheral allows for a small virtual overlay in memory space. It was used in previous devices to fix small bugs by overwriting a couple of words in the ROM. As all the flashing code needs to live in SRAM during flashing, the vector table needs to be patched to point to the code in SRAM. During the erase/write cycle you need to poll the values on certain addresses to figure out success - and if you haven't correctly disabled the patch overlay that can go wrong. That was how I got my first brick :)